Question 56327 in cPanel Question posted in
The official documentation can be seen here.

Cloning project from Cpanel git, showing this error "ssh remote host identification has changed"

I know similar questions have been asked many times, but there’s a difference here:

Trying to clone project from cpanel shared hosing server:

If tried with this command sudo git clone ssh://[email protected]:21098/home/mlbrpkxs/unified.mlbranch.com
it show the following error.

Cloning into 'unified.mlbranch.com'...
Unable to negotiate with 63.250.38.32 port 21098: no matching host key type found. Their offer: ssh-rsa,ssh-dss
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

Then if found a solution here and try to clone with this command.

sudo GIT_SSH_COMMAND="ssh -oHostKeyAlgorithms=+ssh-dss" git clone ssh://[email protected]:21098/home/mlbrpkxs/unified.mlbranch.com

 Cloning into 'unified.mlbranch.com'...
 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
 WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
 IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
 Someone could be eavesdropping on you right now (man-in-the-middle attack)!
 It is also possible that a host key has just been changed.
 The fingerprint for the DSA key sent by the remote host is
 SHA256:hSIV2UEWbLuZQu2gkNaYNYxfmOd59VGlaNwXI85P+fA.
 Please contact your system administrator.
 Add correct host key in /var/root/.ssh/known_hosts to get rid of this message.
 Offending RSA key in /var/root/.ssh/known_hosts:1
 Host key for [mlbranch.com]:21098 has changed and you have requested strict checking.
 Host key verification failed.
fatal: Could not read from remote repository.

The most relevant question I found is here, which is closed as a duplicate of this one which itself is closed as off-topic. But they’re not the same anyway. Another related question is asked here.

In most cases, as we know, you can fix the problem by replacing the server key, for example by running:

ssh-keygen -R <host>

In my case:

ssh-keygen -R "[mlbranch.com]:21098"

But neither this solution, nor removing the offending key from the file ~/.ssh/known_hosts did solve my problem.

I have clean all of my known_hosts recommend by an answer by stackOver flow. Now I am completely stucked and unable to find any solution how can I resolve this issue.

Please note that I am using Mac book and my code is on a shared hosting that is using the Cpanel. On my other Mac’s I can get the clone.

Tags:

2

Answers


  1. 0

    Check first where is your private key.

    If it is in /home/aUser/.ssh, then sudo xxx will ignore it completely.
    You would need sudo ssh -i /home/aUser/.ssh/myPrivateKey [email protected]:21098 if you have to use root.

    With Git:

    sudo "GIT_SSH_COMMAND="ssh -oHostKeyAlgorithms=+ssh-dss -i /home/aUser/.ssh/myPrivateKey" git clone ssh://[email protected]:21098/home/mlbrpkxs/unified.mlbranch.com

    The best practice, however, is to avoid sudo except for system admin commands.

    Login or Signup to reply.
  2. 0

    Github just have updated the RSA SSH host key recently!

    At approximately 05:00 UTC on March 24, out of an abundance of caution, we replaced our RSA SSH host key used to secure Git operations for GitHub.com.

    To fix that, just add the new RSA SSH host key to .ssh/known_hosts file.

    Remove the old key by running this command:

    $ ssh-keygen -R github.com

    And add this to file .ssh/known_hosts

    echo "github.com ssh-rsa <OMITTED KEY>" >> ~/.ssh/known_hosts

    If you prefer do it manually

    github.com ssh-ed25519 <OMITTED KEY>
github.com ssh-rsa <OMITTED KEY>

    Or only this, if others not needed.

    github.com ssh-rsa <OMITTED KEY>

    Keys from source here:
    https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/githubs-ssh-key-fingerprints

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search